xl2tpd/xl2tpd-1.3.8-saref.patch

diff --git a/file.c b/file.c
index f61c221..a6362c0 100644
--- a/file.c
+++ b/file.c
@@ -42,6 +42,8 @@ int init_config ()
 
     gconfig.port = UDP_LISTEN_PORT;
     gconfig.sarefnum = IP_IPSEC_REFINFO; /* default use the latest we know */
+    gconfig.ipsecsaref = 0; /* default off - requires patched KLIPS kernel module */
+    gconfig.forceuserspace = 0; /* default off - allow kernel decap of data packets */
     gconfig.listenaddr = htonl(INADDR_ANY); /* Default is to bind (listen) to all interfaces */
     gconfig.debug_avp = 0;
     gconfig.debug_network = 0;
diff --git a/network.c b/network.c
index 543d30e..c66d1e3 100644
--- a/network.c
+++ b/network.c
@@ -78,23 +78,27 @@ int init_network (void)
      * For L2TP/IPsec with KLIPSng, set the socket to receive IPsec REFINFO
      * values.
      */
-    arg=1;
-    if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum,
-		  &arg, sizeof(arg)) != 0) {
-	    l2tp_log(LOG_CRIT, "setsockopt recvref[%d]: %s\n", gconfig.sarefnum, strerror(errno));
-
-	    gconfig.ipsecsaref=0;
-    }
-
-    arg=1;
-    if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) {
-	    l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno));
+    if (!gconfig.ipsecsaref)
+    {
+        l2tp_log (LOG_INFO, "Not looking for kernel SAref support.\n");
     }
-#else
+    else
     {
-	l2tp_log(LOG_INFO, "No attempt being made to use IPsec SAref's since we're not on a Linux machine.\n");
+        arg=1;
+        if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum,  &arg, sizeof(arg)) != 0) {
+            l2tp_log(LOG_CRIT, "setsockopt recvref[%d]: %s\n", gconfig.sarefnum, strerror(errno));
+            gconfig.ipsecsaref=0;
+        }
+        else
+        {
+            arg=1;
+            if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) {
+                l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno));
+            }
+        }
     }
-
+#else
+    l2tp_log(LOG_INFO, "No attempt being made to use IPsec SAref's since we're not on a Linux machine.\n");
 #endif
 
 #ifdef USE_KERNEL
- Resolves: rhbz#1562512 kernels 4.15 and 4.16 break xl2tpd 7 years ago			`diff --git a/file.c b/file.c`
			`index f61c221..a6362c0 100644`
			`--- a/file.c`
			`+++ b/file.c`
			`@@ -42,6 +42,8 @@ int init_config ()`
new sources and patches 8 years ago
			`gconfig.port = UDP_LISTEN_PORT;`
			`gconfig.sarefnum = IP_IPSEC_REFINFO; /* default use the latest we know */`
			`+ gconfig.ipsecsaref = 0; /* default off - requires patched KLIPS kernel module */`
			`+ gconfig.forceuserspace = 0; /* default off - allow kernel decap of data packets */`
			`gconfig.listenaddr = htonl(INADDR_ANY); /* Default is to bind (listen) to all interfaces */`
			`gconfig.debug_avp = 0;`
			`gconfig.debug_network = 0;`
- Resolves: rhbz#1562512 kernels 4.15 and 4.16 break xl2tpd 7 years ago			`diff --git a/network.c b/network.c`
			`index 543d30e..c66d1e3 100644`
			`--- a/network.c`
			`+++ b/network.c`
			`@@ -78,23 +78,27 @@ int init_network (void)`
new sources and patches 8 years ago			`* For L2TP/IPsec with KLIPSng, set the socket to receive IPsec REFINFO`
			`* values.`
			`*/`
- Resolves: rhbz#1562512 kernels 4.15 and 4.16 break xl2tpd 7 years ago			`- arg=1;`
			`- if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum,`
			`- &arg, sizeof(arg)) != 0) {`
			`- l2tp_log(LOG_CRIT, "setsockopt recvref[%d]: %s\n", gconfig.sarefnum, strerror(errno));`
			`-`
			`- gconfig.ipsecsaref=0;`
			`- }`
			`-`
			`- arg=1;`
			`- if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) {`
			`- l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno));`
new sources and patches 8 years ago			`+ if (!gconfig.ipsecsaref)`
			`+ {`
			`+ l2tp_log (LOG_INFO, "Not looking for kernel SAref support.\n");`
- Resolves: rhbz#1562512 kernels 4.15 and 4.16 break xl2tpd 7 years ago			`}`
			`-#else`
new sources and patches 8 years ago			`+ else`
- Resolves: rhbz#1562512 kernels 4.15 and 4.16 break xl2tpd 7 years ago			`{`
			`- l2tp_log(LOG_INFO, "No attempt being made to use IPsec SAref's since we're not on a Linux machine.\n");`
			`+ arg=1;`
			`+ if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum, &arg, sizeof(arg)) != 0) {`
			`+ l2tp_log(LOG_CRIT, "setsockopt recvref[%d]: %s\n", gconfig.sarefnum, strerror(errno));`
			`+ gconfig.ipsecsaref=0;`
			`+ }`
			`+ else`
			`+ {`
			`+ arg=1;`
			`+ if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) {`
			`+ l2tp_log(LOG_CRIT, "setsockopt IP_PKTINFO: %s\n", strerror(errno));`
			`+ }`
			`+ }`
new sources and patches 8 years ago			`}`
- Resolves: rhbz#1562512 kernels 4.15 and 4.16 break xl2tpd 7 years ago			`-`
			`+#else`
			`+ l2tp_log(LOG_INFO, "No attempt being made to use IPsec SAref's since we're not on a Linux machine.\n");`
			`#endif`
new sources and patches 8 years ago
- Resolves: rhbz#1562512 kernels 4.15 and 4.16 break xl2tpd 7 years ago			`#ifdef USE_KERNEL`